Due to the rising incidence of cyber-attacks globally and locally, the Nigerian Communications Commission (NCC) has issued at least six cyber-attack warnings since the beginning of 2022.
In a report, the Senior Manager, Cyber Risk Services, Deloitte, Ms. Funmilola Odumuboni, disclosed that cyber-attack occurs every 39 seconds, and cybercrimes increased by nearly 300 percent since the onset of the COVID-19 outbreak.
Some studies has shown that as a result of the pandemic there have been increased digitalization and adoption of technology, leading to a surge in Internet usage albeit creating a feasting ground for cyberattacks.
A recent report by Check Point Research’s Threat Intelligence Report, disclosed that Nigerian businesses experience about 2,308 attacks across all industries sectors weekly.
It stated that over a six-month period, 62 per cent of Nigerian businesses fell victim to attacks that allowed cybercriminals to gain remote control of devices and the private data stored on them. It said emails were most prominent origin point for 60 per cent of cyberattacks over.
In an attempt to address this, the NCC in 2021 created an incidence response facility to address incidences of cybercrime.
At the inauguration of the Centre for Computer Security Incident Response, the Executive Vice Chairman of NCC, Prof. Umar Danbatta, said that increasing growth in Internet usage, as a result of the pandemic had led to a surge in cyber incidents and criminal activities.
He said, “Thus, the commission recognises that with the borderless nature and pervasiveness of these incidences, relentless and concerted attention is required to protect Internet users as well as the Critical National Information Infrastructure and ensure they are resilient.
The CSIRT’s services will commence with four main thrusts, namely: monitoring, incident management, communication, and alert and warning.
The devices for handling these four areas will be scaled up and expanded as the centre’s operations grow in order to enhance the digital economy and ensure it yields great dividends to Nigerian citizens.”
In its recent advisory, the NCC-CSIRT, issued a warning to organisations and employees after Yanluowang threat actors gained access to Cisco’s network using an employee’s stolen credential.
It advised organisations’ employees to use strong, unique passwords for every account and to enable multi-factor authentication as it helps to prevent ransomware attacks.
It said, “The first step to preventing ransomware attacks is to ensure that employees are using strong, unique passwords for every account and enabling multi-factor authentication (2FA) wherever it’s supported.”
“User education is critical in thwarting this type of attacks or any similar attacks, including ensuring that employees are aware of the legitimate channels through which support personnel will contact users, so that employees can identify fraudulent attempts to obtain sensitive information. Organisations should ensure regular systems backup.”
Identified cyber threats have ranged from those targeted at collecting sensitive information from mobile devices to those that can hack and steal vehicles.
According to NCC estimate, Nigeria losses about $500m yearly to cybercrime.
Experts in the cybersecurity space believe that while cybercrime is growing more sophisticated efforts to curtail it are almost non-existent in the nation.
Deloitte’s ‘Nigeria Cybersecurity Outlook 2022 (January 2022)’, said Nigeria was ranked 16th on its countries mostly affected by Internet crime in 2020 by the Federal Bureau of Investigation.
It said, “It is no longer news that cybercrime is increasing in Nigeria, even though some of these crimes go unreported. Nigeria was ranked 16th among the countries most affected by Internet crime in the world in 2020, according to the FBI in its 2020 Internet crime report.
“These crimes come with associated costs to organisations. In 2021, the Special Fraud Unit of the Nigerian Police Force arrested a man for allegedly hacking into the server of a Nigerian bank to steal N1.87bn.”